Posts

Showing posts from June, 2020

What Makes a Security Plan?

      Hello, and welcome back to my blog. This week, I would like to quickly discuss the levels that go into making a security plan. These types of plans are an important tool for IT departments and Cybersecurity Administrators to design a plan that will help protect or slow down an attack on the network.     Of course, security plans can vary from company to company; however, their purpose remains the same, with threats looming every day. With IT managers adjusting in response to the ever-changing threats, the created security plan must be designed to stop or slow down any attempt to breach network defenses. Below we will look at the principal components of a security plan and what they entail.    Separate Networks              As the name suggests, having more than one network can protect company assists from hackers and the like. The reason being is that having every computer on one network would lead to issues if that subsequent work were to fail, which would stop operati

Phases of Incident Response and How They Impact a Company.

Hello, and Welcome to my blog!   This week we will be looking at the phases of Incident Response and how they may impact a company.   What is an Incident Response? An incident response plan is well a documented, written plan with six distinct phases that help IT professionals and staff identify and deal with a cybersecurity incident, such as a data breach or cyberattack. Properly create and manage an incident response plan that involves regular updates and training.    The plan contains six phases: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.   Preparation   This phase will be the main workhorse of the Incident Response plan and the most crucial phase to protect your business. The response plan should be well documented and thoroughly explains everyone’s roles and responsibilities. It is best to test the said plan as practice makes perfect and prepared if something was to occur.   Identification This is where a determination will b

What is Penetration Testing?

Hello, and welcome to my blog!   This week, I will be discussing the topic of penetration testing and what it means for cybersecurity.   So, you may be wondering what penetration testing is and what is its purpose? Penetration testing, also known as pen testing, is a simulated cyberattack against a computer system to check for exploitable vulnerabilities. Pen testing is used to breach several applications, such as application protocol interfaces (APIs), and front-end/back-end servers. It can also be used to fine-tune the web application firewall (WAF). Pen the testing process can be broken down into five stages.   Planning and reconnaissance , which includes defining the scope and goals of the test, the systems to be addressed, the testing methods to be used, and intelligence gathering.   Scanning , which is to understand how the target application will respond to various intrusion attempts. This includes:   ·         Static analysis  – Inspecting an application’s